The well-known ransomware group Shiny Hunters has added several victims to their leak page in the last few hours, and among them is the clothing firm Ralph Lauren Corporation.
The threat actor claims to have 220 GB from the company containing customers’ personal identification information (PII), purchase histories, and financial transaction data, as well as information on future releases, detailing strategic plans and collections planned for 2027 and beyond.
The cybercriminals have given Ralph Lauren until next Sunday, June 14, to pay the ransom they have demanded, or they will publish all these details and unleash “additional digital problems.” Although it’s unclear what they mean, this could translate into DDoS attacks or harassment campaigns against customers.
The amount the extortionists have demanded has not been revealed. It is also unknown how many customers could be affected or from which countries.
“We are not joking. Make the right decision, don’t become the next news headline,” reads the extortion message from the gang.
At the time of writing this article, the textile multinational had not yet commented on this alleged security breach.
If the company does not pay, the biggest risk for customers will be high-precision phishing. With real names, emails, and purchase histories, scammers will send hyper-personalized messages impersonating the brand to steal passwords and credit cards or attempt to hack other user accounts by reusing keys.
At a corporate level, the leak of planned releases for 2027 opens the door to industrial espionage and counterfeiting. Illegal networks could access the designs and strategic plans to replicate Ralph Lauren’s luxury collections and launch them into the pirate market long before their official debut.
A very active gang
ShinyHunters has become the worst nightmare for the global retail and luxury sector. Their strategy is not usually based on hacking the brands’ fortified central systems but targeting the supply chain, hacking customer service platforms (like Salesforce or Drift), data analytics tools, or logistics providers.
The group dealt a massive blow to the Kering Group, where they claimed to have compromised over 43 million exclusive customer records from Gucci, along with about 7.4 million combined records from brands like Balenciaga, Brioni, and Alexander McQueen.
Furthermore, giants like the LVMH Group saw how three of their most iconic brands—Louis Vuitton, Dior, and Tiffany & Co.—suffered data breaches in South Korea after attackers maintained silent access for almost a month to a database managed by an external provider.
To this list, Chanel is added, affected by a wave of social engineering attacks targeting cloud environments (Salesforce) that exposed confidential customer information in multiple international markets, consolidating the group as the current biggest threat to high-net-worth consumer databases.
Additionally, the ransomware gang also targeted a Spanish victim. In April, they went after Inditex, through the Israeli data and AI platform Anodot. In the end, they obtained personal data from 197,000 Zara customers.
Click Here For The Original Source.
